Policy as of 18 February 2021.
Our business is your privacy, not your personal information.
For us, this means that we aim to know as little about you as we need to to run this service.
On this page we explain what information we collect and do not collect. We also explain what you can do to exercise your rights.
We are PrivateStorage.io Inc, and this page covers the storage service we offer, our website (https://private.storage and subpages) and our owners (collectively, ‘We,’ ‘Us,’ ‘Data Controller’ or ‘PrivateStorage.io’). We're moving our mailing address. We'll provide our address as soon as we're settled.
When you connect to the PrivateStorage service for the first time, the PrivateStorage desktop application will generate (and store locally) the cryptographic capability needed to access and recover data stored on our servers. Please create and save a Recovery Key as we will not have access to it for support purposes.
The data that you sync is stored on our servers. This data is encrypted before it leaves your device. As we do not have your encryption keys, we do not have the ability to decrypt and/or read the data.
In other words: We cannot read your data when it is stored by us.
Read more about this on the Features Page
In addition, in normal use of PrivateStorage, we do not log anything about your use of the service.
In exceptional circumstances, such as when a potential problem with data integrity is detected, our server may automatically create an "incident log", which can contain information like file size, and your IP address. We use this information to understand and address possible errors in our service. We keep these logs for 30 days and then delete them.
We use an open-source analytics program with a strong privacy focus, called Matomo, to record and analyze visits to our website.
Matomo informs us about how visitors use our website, and in doing so helps to inform us about how we can improve it, as well as about the impact of any marketing effort we may undertake.
While analyzing website visits, Matomo is respectful of privacy in a few different ways. These include:
It respects DoNotTrack requests from your browser. You can set this in your browser preferences.
It also allows you to manually opt out of having your website visits recorded, by unchecking the box below:
It anonymizes IP addresses by three bytes (so, for example, it keeps 91.xxx.xxx.xxx instead of 91.101.294.41). This way we cannot see from where exactly you are visiting this website.
It allows us to set a period after which the raw visits data are automatically deleted, currently set for 180 days.
It also allows us to disable tracking cookies, which means that we do not try to connect your current visit to our website to a previous visit.
The information Matomo collects is:
When you buy PrivateStorage Credits, your payment information gets sent to our payment provider Stripe to process the payment.
This information includes payment method information (such as credit or debit card number, or bank account information), purchase amount, date of purchase, your name, billing address, your IP address, operating system, browser and device. In some cases, Stripe uses your transaction history to authenticate you.
Although we do not store this information and do not want to be able to access it, Stripe provides us access to it through their administrative interface. At the moment, Stripe does not offer us a way to disable such access.
On our side, we record the voucher number used to generate the payment, the Stripe token, currency, amount, and when a transaction took place (date and time). We use this information for business accounting and administration purposes. We retain this information indefinitely. We cannot link this information to individuals spending their PrivateStorageCredits.
When you contact Support through the website, we will keep your email address and message(s) until 7 days after the closure of the issue. After 7 days, the closed issue and the corresponding email address will be erased from our system.
The PrivateStorage.io website offers the possibility to be notified when we release the product to the general public. If you submit your email address there, we will use and keep it only to notify you when the product is released. After we send you an email with that notification, we will permanently delete your email address.
The PrivateStorage.io website includes information that enables you to contact us via email. If you contact us by email, any personal information that you send us is automatically stored. We use such personal information sent voluntarily for the purpose of processing the email or to contact you. We do not transfer this personal information to any third parties whatsoever.
We may share your personal information in limited circumstances as listed below. PrivateStorage.io never sells your information or shares it with third-party advertisers.
But overall: We cannot provide information that we do not have (see Information we collect and how we use it).
We may disclose information that we do have, if we believe it is reasonably necessary to comply with a law, regulation, or valid legal process. Our legal representation scrutinizes each and every legal request that we receive for compliance with both the "spirit" and letter of the law. For invalid or overly broad subpoenas, we will question or attempt to narrow the scope of any subject matter sought. Moreover, when it is possible and a valid option we will provide you with an opportunity to object to any requested disclosures. PrivateStorage.io will not participate with any request that is unconstitutional.
When you share your unique key with others through PrivateStorage.io, any and all information stored with that key will be accessible to these other people.
We may disclose aggregate, non-identifying information about how our users use PrivateStorage.io products. For example, we may disclose the total amount of PrivateStorage Credits sold, or the total amount of storage space used.
PrivateStorage.io products are designed to have several layers of security.
While the transmission of data across the internet is never fully secure, we must inform you that we cannot guarantee that unauthorized third-parties will never be able to work around our internal security. PrivateStorage.io is offered to you at your own risk, and you are responsible for taking reasonable measures to secure your key (such as maintaining the confidentiality and integrity of your key).
If you discover or are informed of a vulnerability in PrivateStorage, we would appreciate any report you submit to our Whitehat Program available at https://private.storage/whitehat-program/.
You have control over your personal information and how it is collected, used, and shared. For example, you have a right to:
The Children’s Online Privacy Protection Act (COPPA) was passed to give parents increased control over what information is collected from their children online and how such information is used. The law applies to websites and services directed to, and which knowingly collect information from children under the age of 13. Our online services are not directed to children under the age of 13, nor is information knowingly collected from them. For additional information on COPPA protections, please see the FTC website at: https://www.consumer.ftc.gov/articles/0031-protecting-your-childs-privacy-online
You can disable your PrivateStorage.io services at any time by not making further payments to purchase PrivateStorage Credits. This means your access to the service will be unavailable if you run out of PrivateStorage Credits, and your stored data will be automatically deleted in the normal course of business without any further notice to you.